Matthew Cai

Undergrad Coursework: SICP, DSA, Machine Structures, Circuits, Computer Architecture, Computer Security, Compilers, OS, Advanced Algorithms, Databases, Machine Learning, Reinforcement Learning, Linear Algebra, Discrete Math, Calculus I/II/III, Abstract Algebra

Graduate Coursework: Computer Architecture (audit), Computer Security, Performance Optimization

Leadership: Berke1337 Cybersecurity Club, Quantum Computing at Berkeley (QCB), Eta Kappa Nu (HKN)

• ·Redesigned concurrency and pipelining for validation of network access control list (ACL) generation, reducing runtime by 99%
• ·Devised a scalable, custom lexer to automate generating 6,000+ lines of AST grammars from Apache Thrift interfaces
• ·Replaced quadratic-complexity IP prefix matching with radix trees in TACACS+ validator, cutting runtime from 2.5 min to 1 sec
• ·Developed CLI to enhance and debug ACL generation library capirca by leveraging real-time OLAP databases and entity graphs

• ·Assessed the performance of Ghidra BSim, an open-source binary differential analysis tool, across diverse architectures and OSS
• ·Integrated Ghidra's Python API into a headless CLI with parallelized BSim database queries and statistical results for engineers
• ·Reverse engineered firmware vulnerabilities and exploited side channels in an embedded ARM device for a CTF, tied for 1st place

• ·Designed the first LLM-based decompiler for Go source recovery, integrating Gemini, Ghidra, GoReSym, and custom Go heuristics
• ·Curated first Go decompiler benchmark of 1.8M functions extracted from 1600 unique binaries across 120 OSS projects
• ·Introduced novel evaluation metrics: CodeBLEU, LLM-as-a-judge, and syntax validation scoring weighted by code and AST complexity

• ·Engineered sandboxed LLM-agent MCP for automated PoC generation across 1,500 vulnerabilities in 200 OSS projects
• ·Discovered 15 zero-days during benchmarking, leading to CVE-2025-7797, CVE-2025-7464, and CVE-2025-7462
• ·Architected framework to evaluate LLM agents on generating ROP chains for real-world binaries, e.g. GNU Coreutils

• ·Extended the GameTime algorithm for worst-case execution time (WCET) analysis of the Lingua Franca polyglot language
• ·Programmed 3 FRDM-K64F microcontrollers with Zephyr RTOS to demo WCET analysis on a real embedded, distributed system

• ·Member of top 3 US CTF Team, Squid Proxy Lovers: 3rd at Google 2025, 2nd at idek 2025, 2nd at Dice Qual 2025, 5th at Lake 2025
• ·Skills: symmetric cryptanalysis; lattice attacks; stack/heap userspace ELF exploitation; microarchitecture exploitation

• ·Helped build custom homelab for network defense training and created custom pwn challenges for demonstrations and practice
• ·Organized training and recruitment for the club CTF team; taught members software exploitation, fuzzing, cryptography, etc.